from Your News:
Recent testimony before the Georgia State Election Board unveiled that Dominion Voting Systems’ encryption keys could allow decryption and alteration of election result files.
By yourNEWS Media Newsroom
Recent court testimony has exposed significant security concerns involving Dominion Voting Systems, with claims that encryption keys used in the machines could be exploited to decrypt and modify election result files, National File reported. The revelations were presented during an October 8 hearing by VoterGA Co-Founder Garland Favorito, summarizing expert testimony from a recent case in Fulton County Superior Court.
TRUTH LIVES on at https://sgtreport.tv/
The testimony, delivered by cybersecurity experts Clay Parikh and Ben Cotton in the case of DeKalb Republican Party vs. Raffensperger, highlighted vulnerabilities that may affect election security in Georgia and potentially across the nation. According to Favorito, “Clay Parikh demonstrated in court that you could change the votes without even doing the decryption.” These claims raise concerns about the integrity of election systems used during the 2020 General Election and the 2021 U.S. Senate runoff in Georgia.
Experts Parikh and Cotton analyzed four authenticated county election databases, acquired through Open Records Requests, confirming the legitimacy of the data. The analysis revealed multiple security flaws:
- Dominion Voting Systems worldwide utilize a shared X.509 certificate value for communication, potentially allowing unauthorized access.
- The administrator password is hardcoded and widely known, compromising system security.
- Generic passwords, rather than user-specific ones, reduce the ability to audit system updates effectively.
- Instead of securely hashing passwords, the systems encrypt them, introducing further risk.
- Encryption keys are stored in plain text within database tables, making them easily retrievable for decrypting data.
- Malware could manipulate vote counts without decryption, highlighting the susceptibility to tampering.
Additional testimony by Mr. Cotton revealed that an election management server was connected to an internet mail site, raising concerns about exposure to external threats. Furthermore, the examination of the server uncovered nearly 3,000 modifications to executable program files since its initial setup on September 12, 2019. Cotton also identified an uncertified compiler on the server, which could allow malicious actors to introduce unauthorized programs, further violating election certification standards.
The experts concluded that Dominion’s system could not meet the Election Assistance Commission’s (EAC) certification criteria, as encryption keys are required to be stored within an encryption module. Cotton’s findings also pointed out that the system is not currently “safe and practicable for use,” as mandated for state certification.
